<?

  if(isset($_POST["user"]) && isset($_POST["pass"])) {
     $u = mysql_escape_string($_POST["user"]);
	   p = mysql_escape_string($_POST["pass"]);  
		$res = sql("SELECT * from users WHERE user='$u' and pass='$p'");
		if($res[0]["name"] ) {
		    $_SESSION["name1"] = $res[0]["name"];
		    $_SESSION["name2"] = $res[0]["name2"];
		    $_SESSION["email"] = $res[0]["email"];			 
	   }
		return;
  }

?>